Security News > 2021

We look at the big-money hacks from the 2021 Pwn2Own competition. We investigate the difficulties of hiring an assassin via the dark web.

Nothing attracts a scammer more than money, and with the NFT craze generating a ton of sales, threat actors are trying to capitalize on it. Ver the past year, NFTs have reached mainstream attention as artists sell their digital art for cryptocurrency at popular websites such as Rarible and OpenSea.

A majority of the largest energy companies in the United States appear to have neglected the security of their domain names, according to CSC, a firm that specializes in securing online assets. The data covers the 30 biggest U.S. companies that produce and deliver energy.

More than 40 organizations have been targeted in a global campaign focused on the COVID-19 vaccine cold chain infrastructure, which handles the distribution of vaccines and their storage at the required temperatures. A total of 44 organizations in 14 countries were targeted.

Jack Wallen shows you how to add an SSH tarpit to Ubuntu Server with the help of endlessh. Essentially, a tarpit will run on the standard SSH port and, when a hacker attempts to break through that port, they'll wind up stuck in an endless loop.

Several variants of the Gafgyt Linux-based botnet malware family have incorporated code from the infamous Mirai botnet, researchers have discovered. Gafgyt is a botnet that was first uncovered in 2014.

In a new report, X-Force said it recently discovered a series of phishing emails targeting 44 companies across 14 countries, all involved in the coronavirus vaccine cold chain, an aspect of the overall supply chain that ensures the safety of vaccines transported and stored in cold environments. Seen last September, the phishing campaign deploys emails spoofing a business executive from Haier Biomedical, a legitimate member company of the COVID-19 vaccine supply chain and reportedly the world's only complete cold chain provider.

Microsoft Edge's new child-friendly 'Kids Mode' is now generally available and has begun rolling out to users in the USA. In February, Microsoft announced a new child-friendly Kids Mode designed for children between the ages of 5-8 and 9-12 that provides a safe environment for children to browse the web and consume family-friendly content. What is nice about Microsoft Edge's Kids Mode is that you do not have to set up parental controls, install software on different devices, or deal with a lengthy configuration.

Russia's infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country's US embassy. "The Russian Intelligence Services' third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of US government and private sector networks," said the US Treasury.

The University of Hertfordshire has fallen victim to a cyber attack that has resulted in the establishment pulling all its systems offline to deal with the situation. The university's Wi-Fi is down and there is no student access to its computer facilities.